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Predictive  Analytics  Go  to  Work 

28  Projects  using  predictive  analytics  involve  both  art  and  science,  but  getting 
started  isn't  for  high  rollers  only.  Here's  how  to  ensure  a  successful  outcome. 
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Flight  Attendants  to  Use  Galaxy  Notes 


American  airlines  said  it  plans 

to  purchase  about  17.000  first- 
generation  Samsung  Galaxy  Note 
devices  for  use  by  cabin  crew 
membeis  during  flights. 

Flight  attendants  will  use  the  combination 
smartphone/tablet  to  record  passengers'  meal 
and  beverage  preferences,  and  to  access  infor- 


and  its  HD  display.  They  also  liked  the  fact 
that  they  could  hold  the  device  in  one  hand 
and  easily  slip  it  into  a  pocket. 

American  Airlines  CIO  Maya  Leibman  said 
the  Note  rollout  is  part  of  a  corporate  program 
that  includes  pioneering  new  technologies  “to 
build  a  new  American  and  return  to  industry 
leadership.” 


cessor  to  Server  2008  to  be  Server 
2012.  which  debuted  last  month.  The 
September  debut  pushed  the  end  of 
mainstream  support  for  Server  2008 
from  July  9, 20B,  to  Jan.  13. 2015. 
The  end  of  extended  support  for 
Server  2008  is  now  Jan.  14. 2020. 

In  mainstream  support.  Microsoft 
offers  security  patches,  general  fixes 
and  feature  updates  free  of  charge. 
During  extended  support,  which 
runs  five  years  beyond  mainstream 
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#  theT data  center  is  here 


The  solution  for  automated  scalability. 
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Find  an  easier  way  to  manage  your  virtual  infrastructure. 
Visit  brocade.com./everywhere 


BROCADE 
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Acosta,  a  product  manager  at  Dell. 

For  its  part,  the  Stampede  supercomputer 
includes  thousands  of  C8000  servers  with  a 
total  of  272TB  of  memory  and  14  petabytes 
of  storage.  Dell  and  the  Texas  Advanced 
Computing  Center  at  the  University  of  Texas 
worlmd  together  on  Stampede.  The  design  for 
the  C8000  servers  blossomed  as  the  super- 


and  can  be  equipped  with  graphics  proces¬ 
sors.  All  of  the  servers  are  designed  for  use 
in  highly  parallel  computing  environments, 
Acosta  said. 

Pricing  starts  at  $35,000  for  the  C8220, 
$42,000  for  the  C8220X  and  about  $25,000 
for  the  C8000XD  storage  box. 

-  Agam  Shall.  IDG  News  Service 


doop  the  Bl  tool  integrates  with. 
Hadoop  technologies  include  Hive 
Hbase.  PigandSqoop. 

"You  really  need  to  peel  a  few 
layers  of  the  onion"  to  confirm 
whether  any  given  Bl  tool  can  real 
work  with  Hadoop.  he  wrote. 


Today,  99%  of  the  Fortune  Global  500  rely  on  VMware’,  the  leader  in  virtualization. 
VMware  laid  the  foundation  for  cloud  infrastructure,  so  you  can  build  on  our  expertise 
to  create  a  cloud  environment  that’s  secure,  reliable  and  agile.  It’s  not  just  about 
getting  to  f/7e  clou4r  It’s  about  getting  to  your  cloud.  ^ _ _ 

vmware 

The  power  behind  your  cloud. 


vnnware.com/whiteboard 


Master’s  d^ree  pro^ams  in  analytics 
emerge  amid  projections  of  a  talent 
shortage  -  and  in  response  to  lobbying  by 
big  companies.  By  Patrick  Thibodeau 


COlLECtS  AND  UNIVERSITIES  are  moving  swiftly  to 
create  advanced  degree  programs  to  help  meet  what's 
expected  to  be  rapidly  rising  demand  among  employers 
for  specialists  who  can  manage  and  analyze  big  dau. 
The  schools  ate  likely  aware  of  a  McKinsey  report 
warning  of  a  mega-shortage  of  analytical  experts  that  could 
leave  as  many  as  190,000  positions  unfilled  by  2018.  They're  also 
responding  to  appeals  from  big  employers  like 
IBM  and  SAS  Institute  that  have  b«n  lobbying 


salary  was  $89,100  overall,  and  $100,100  for  students  with  prior 
job  experience.  Moreover,  60%  of  the  students  received  signing 
bonuses  that  averaged  $16,000,  the  school  reported. 

Meanwhile,  Northwestern  University  last  month  launched  a 
new  15-nionth,  full-time  master  of  science  in  analytics  program, 
said  Chris  Bray,  assistant  director  of  the  program. 

One-third  of  the  32  students  in  the  Northwestern  program  en¬ 
rolled  directly  from  undergraduate  programs,  another  third  have 
one  to  6ve  years  of  work  experience,  and  the  remainder  have  five  to 
10  years  of  experience.  The  median  age  of  students  is  27,  said  Bray. 

Noting  that  the  program  was  developed  with  the  he^  of  IBM, 
Bray  said  the  curriculum  covets  IT,  data  science  and  business,  to 
teach  students  to  analyze  data  and  "communicate  the  value  of  it.” 

Similar  graduate  programs  ate  in  the  works  at  New  York 
University’s  Stern  School  of  Business,  the  Dearborn  College  of 
Business  at  the  University  of  Michigan  and  Loras  College  in 
Dubuque,  Iowa. 

Louisiana  State  University 


typical  IT  department  spends  at 
least  33%  of  a  project’s  budget 
just  specifying,  designing  and 
procuring  IT  components.  And 


TO  READY  IN  HOURS. 


INTRODUCtNG 

once  procured,  it  can  take  up  to  IBM  PURESYSTEMS. 
three  months  of  tweaking  before  To  address  this  problem,  IBM 

those  resources  are  ready  to  set  out  to  design  a  system  that 
be  used.'  could  benefit  from  previous 

experience — a  system  that 
could  follow'  the  patterns 
established  by  successful  IT 
projects  K)  make  it  simpler  to 
deploy  and  manage  new  ones. 


and  resources  suiting  from 
scratch  with  every  new  project? 


With  the  launch  of 
PureSystems"  we  are  now 
delivering  on  that  promise. 
Using  patterns  esublished 
by  IBM  and  leading  software 
vendors,  this  new  breed  of 


organizations  will  no  longer 
address  complex  diallenges 
with  generic  sv’stems.  Instead 
they  can  rely  on  integrated 
systems  with  the  built-in 
expertise  to  help  solve  diem. 
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Microsoft  Pitches 
New  $10,000  Visas 

The  company  says  its  proposed  H-IB  program 
could  fund  STEM  education  to  help  U.S.  students 
develop  tech  skills.  By  Patrick  Thibodeau 


WHEN  THE  recession  hit  in  2008.  Congress  and 
big  tech  employers  mostly  shelved  the  idea  of 
creating  mote  H-iB  visas  to  combat  what  some 
described  as  a  skills  shortage.  This  year,  however, 
proposals  for  overhauling  work  visa  programs 
have  re-emerged  as  demand  for  H-tB  visas  has  strengthened. 

The  federal  government  begins  accepting  H-iB  applications 
for  the  coming  fiscal  year  on  April  1.  And  this  year,  the  number 
of  applications  for  fiscal  2013,  which  began  Oct.  1,  exceeded  the 
annual  cap  of  85,000  visas  in  30  days.  At  the  height  of  the  reces¬ 
sion,  it  could  take  is  long  as  to  months  to  hit  the  cap. 

Plans  to  loosen  visa  restrictions  are  being  put  forth  in  Wash¬ 
ington,  including  a  proposal  from  Microsoft,  whose  employment 
circumstances  have  changed  for  the  better  since  it  laid  off  some 
5,000  people  in  2009. 

Microsoft  executives  late  last  month  said  that  the  company  has 


about  6,000  open  jobs  in  the  U.S.  and  is  creating  new 
positions  faster  than  it  can  fill  them. 

In  remarks  delivered  at  the  Brookings  Institution  in 
Washington,  Brad  Smith,  Microsoft's  general  counsel 
executive  vice  president,  cited  the  company’s 
workforce  needs  when  he  made  a  case  for  new  types 
of  H-iB  visas  and  permanent  employment  visas. 

Smith  proposed  that  Congress  should  help  employ¬ 
ers  find  qualified  workers  by  adding  20,000  new  H-tB 
visas  and  an  equal  number  of  green  cards  for  people 
with  jobs  tied  to  science,  technology,  engineering  and 
math  —  the  so-called  STEM  fields. 

Microsoft’s  novel  plan  would  require  that  com¬ 
panies  pay  the  government  $10,000  for  each  new 
“supplemental"  H-iB  visa  and  $15,000  for  a  STEM  / 
green  card  visa.  The  proceeds  —  estimated  at  up  to 
$500  million  a  year  —  would  be  invested  in  educa¬ 
tion,  particularly  STEM  programs. 

Smith  said  that  3,400  of  Microsoft’s  job  openings  are 
for  researchers,  software  developers  and  engineers. 

“Our  nation  faces  the  paradox  of  a  crisis  in  un¬ 
employment  at  the  same  time  that  many  companies 
cannot  fill  the  jobs  they  have  to  offer,”  Smith  said. 

He  warned  that  if  the  positions  can’t  be  filled 
locally,  “we  risk  these  jobs  migrating  from  the  U.S., 
creating  even  bigger  challenges  for  our  long-term 
competitiveness  and  economic  growth.” 

Smith  said  Microsoft  currently  spends  83%  of  its 
R8tD  budget  in  the  US. 

Microsoft’s  visa  plan  will  likely  get  support  from 
groups  that  are  advocating  for  skilled  immigration. 
Meanwhile,  there’s  support  in  Congress  for  plans  to 
expand  the  green  card  program  for  foreign  students 
who  earn  advanced  degrees  in  this  country.  Backers 
of  such  a  policy  argue  that  it’s  advantageous  to  keep 
those  advanced  degree  holders  in  the  US.  because  they  could  be 

Lawmakers  probably  won’t  take  a  close  look  at  Microsoft’s 
proposal  until  the  next  Congress  is  seated. 

Ron  Hira.  a  public  policy  professor  at  the  Rochester  Institute 
of  Technology,  took  issue  with  Microsoft’s  claim  that  there’s  a 
scarcity  of  skilled  IT  workers  that’s  due  in  part  to  a  decline  in  the 
number  of  college  students  pursuing  computer  science  degrees. 

“Why  are  kids  not  going  into  IT?  Because  of  industry  employ¬ 
ment  relations,”  said  Hira.  “Is  there  a  shortage  of  people  going  to 
medical  school  or  even  law  school  or  investment  banking?  No, 
because  smart  kids  know  that  [those  are]  reasonable  career  paths.” 

In  the  late  tqgos,  the  number  of  computer  science  grads 
doubled,  and  Hira  believes  it  could  douUe  again.  "Why  not  focus 
efforts  on  that  instead  of  importing  guest  workers?”  he  said.  ♦ 
Grant  Gross  of  the  IDG  News  Service  contributed  to  this  story. 


Our  nation  faces  the  paradox  of  a  crisis  in  unemployment  at  the  same  time  that 
many  companies  cannot  fill  the  jobs  they  have  to  offer  ” 


irotected,  well-managed,  easily  i 


If  you  think  that  vastly  in 
cutting  edge  technology, 
approaching  50%  are  wo 
join  the  revolution. 


Visit  commvault.coin/breakfree  to  leai 
about  Simpana  software  and  why  G 
positioned  ConimVault  as  a  Leader 


CSZS  conrimvault 


Break  Free  From  Traditional  Backup. 

Revolutionary  Data  Management  Starts  With  Simpana. 


Kevin 

Kometer 


CME  Group’s  CIO  has 
learned  to  master 
large-scale  mergers. 


What's  your  favorite 
technoloiy?  The  iPad 
Is  there  something  that  most 
people  don't  know  about  you? 

I  was  turned  down  for  my  first  job 
in  technology  -  they  didn’t  think 
iwouldstayintheHTfieldl. 
Have  you  read  any  good  books 
recently?  Zero  Day. 
by  David  Baldacci 

What  do  you  do  during  off  hours? 

I  have  four  kids,  so  that  consumes 
a  great  deal  of  time.  They  all  love 
the  water,  just  like  me.  so  we  enjoy 
boating  and  Jet  Skiing.  I  also  love 
golf  and  tennis. 

What  do  you  like  most  about 
your  job?  It's  never  boring  -  ever. 


AS  SENIOR  MANAGING  DIRECTOR  and  CIO  at  CME  Croup  for  the  past  five  years. 
Kevin  Kometer  oversaw  IT  operations  during  the  futures  exchange’s  merger 
with  the  Chicago  Board  of  Trade  and  its  acquisition  of  The  New  York  Mercantile 
Exchange.  He  is  responsible  for  advancing  the  global  growth  of  the  company’s  IT 
infrastructure,  including  technology  distribution  for  15  strategic  partnerships  and  to  tele¬ 
communication  hubs  around  the  world.  Last  year,  CME  processed  almost  3  million  futures 
contracts.  The  company  is  currently  rolling  out  the  next  version  of  its  20-year-old  Globex 


You’ve  led  several  mergers  since  becoming  CIO.  what  key  lessons  have  you  learned 
about  integrating  disparate  platforms?  I  would  say  it’s  all  about  setting  expectations 
early  on  as  it  relates  to  the  direction  of  these  platforms  and  the  scope.  So  we  created 
a  nice  framework  going  from  high-level  planning  with  significant  leaders  down  into 


10  COHPUTERWORLD.  OCTOBEB  8. 


"'■“''fSADFFi|.Vj'^*^''*  i:  /  *'"■■  ’ 

i'Jct.ccr66f,?pf,^^._^^  ;;  >.  M  ^  . 
-168:prodiKt_kj=f|.!-.4,  ,’^ 

-  -  [OE/Feb/auifift:  r 
ateqoru_|iJ=TE(i‘ii,i,:  ,  ^ 
:/Feb/c011:lfFili-i:;j  tfi  .(.i.),-..^,.!  „ 
i.j=FLO'-i'EF.  m» 

jFEsEliiniC'fH^'^Iff  ^  ’‘  *  • 
HEDDV'tiodli't"':'*^-*'^-  , 
ISEE'-liiHr’Eu'Elff 
3iFTs-tto*^^^;;:;<J^ 

SL5FFEFDFFiKT^'^,,^>^,.  ^ 

468^?'“ 

,-[0' 

'>11  - 


,j/Feb/3 


t>l 


Machine  data  goes  in. 

Business  insight  comes  out. 

Our  software  turns  your  raw  machine  data  into  refined  business 
insights  by  making  sense  of  the  systems  that  run  your  company- 
servers,  website  clickstreams,  mobile  devices  and  more.  It's  what 
we  call  real-time  operational  intelligence— and  why  over  half  of 
the  Fortune  100’"  use  Splunk'  software  and  have  the  business 
results  to  prove  it. 


www.splu nk.com/goto/listentoyourdata 


splunk>  listen  to  your  data 


THE  GRILL  |  KEVIN  KOMETER 


U  Things  are 
increasingly 
real-time, 

and  that’s 

driving  the  need  for  more 
real-time  data ...  and  it 
drives  an  awful  lot  of  risk 
management  as  well. 


different  companies 
and  you've  got  bias 
toward  one  system 

You’ve  got  to  keep  your 
eye  toward  what  the 
^Is  are,  whether  its 
syneigy  or  functional- 

business  is  aligning 
with  its  decision-mak¬ 
ing  toward  those  goals. 


iQiridlS  Hastheconsumeriza- 

ed  for  more 

CME7  And  bow  have 
I .  .  .  and  it  you  addressed  the 

ui  lot  of  risk  sss::::! 

as  well.  mobile  devices  on  the 

iob?  We've  been  largely 
a  BlackBerry  shop.  We 
decided  the  biggest 
factor  is  security.  So  we 
came  up  with  [a  policy] 
we  felt  comfortable 
with  from  a  security  perspective.  [We  have]  some 
basic  security  requirements,  such  as  wiping,  and  a  list 
of  phones  we're  comfortable  providing.  We've  allowed 
our  staff  to  choose  from  that  list.  We  definitely  see  an 
appetite  for  the  iPhone.  So  we've  tolled  out  iPhones 
quite  a  bit  over  the  last  year. 


and  controllinc  access  to  corporate  dau?  We  re 

actually  in  a  proof  of  concept  right  now  with  mobile 
device  management.  The  information  that  goes  onto 
mobile  devices  from  a  corporate  perspective  is  mostly 
email,  messaging  and  things  of  that  nature.  We're 
preparing  to  do  more  in  the  future.  But  we  want  to 
make  sure  we  have  the  ability  to  control  that  before 
we  provide  access  to  more  data  right  now. 


outside  of  your  traditional  relational  databases.  Wi 
things  of  that  nature. 


We've  got  a  basic  implementation  right  now.  We're 
working  on  fine-tuning  that  and  working  through  a 
few  configuration  and  performance  challenges. 

What  are  you  going  to  be  using  Hadoop  for?  Initially, 
mostly  historical  market  data.  Think  of  it  as  a  market 
data  repository  that  can  be  leveraged  throughout 
the  company  for  a  variety  of  things,  and  ultimately 
passing  that  out  to  the  customer. 

What  does  the  Globex  upgrade  involve?  We  re  moving 
to  some  new  switches.  We're  rurming  mostly  on  Cisco 
switches  at  this  point.  We're  moving  into  some  new 
hardware.  We’ve  rewritten  the  gateways  with  some  dif 
ferent  coding  techniques.  We're  mostly  a  Java  shop,  so 
we’re  minimizit^  garbage  collection  and  doing  a  better 
job  with  threading  and  things  of  that  nature. 

We  were  in  the  proof-of-concept  and  planning 
phase  late  last  year.  That  quickly  went  from  proof  of 
concept  to  execution  at  the  tail  end  of  last  year.  We 
will  see  50%  to  75%  improvement  in  variability  and 
processing  time  of  Globex  orders  and  market  data. 

If  you  couM  offer  one  piece  of  advice  to  young  IT 

that  be?  I  would  try  to  coach  them  into  exploring  a 
number  of  difierent  responsibilities  within  IT.  Too 
often  you  see  an  IT  professional  start  out  on  the 
infrastructure  side  and  stay  there,  or  suit  off  in  the 
application  development  side  and  sUy  there. 

To  become  an  effective  CIO,  you  need  to  explore 
opportunities  in  a  number  of  different  IT  functions 
that  will  give  you  exposure  to  many  businesses  you 
may  be  supporting.  That  collective  experience  will 
prepare  you  best  for  becoming  a  CIO. 
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HERE’S  WHY  ONTARIO,  CANADA 


Onta\io 


BIG  IDEA 

Innovation  is  at  the  core  of  the  information  and 
communications  technology  industry  in  Ontario. 
Canada.  Our  diversified  talent  pool  of  more  than 
300.000  skilled  ICT  workers  -  close  to  60%  of  whom 
are  post-secondary  graduates  -  working  with  world 
leading  infrastructure  and  communications  networks 
means  invention  and  commercialization  come  easy  in 
Ontario.  Ontario  is  home  to  industry  giants  and  small 


YourNextBigIdea.ca/ICT 

22% 


Ontario 


NTToara 

Global  IT  Innovator 


SPOTLIGHT  I  STORAGE 


1&1  DEDICATED  SERVERS 


NEW  INTEL  SERVERS  NOW  AVAILABLE! 

Our  data  centers  offer  top  security,  Cisco  firewall  protection  and  maximum  uptime.  You  get  superior  performance  at  the  lowest 
possible  price.  With  an  extensive  server  range  and  more  then  20  years  experience,  we  know  what  IT  professionals  need.  Get 
full  root  access  for  complete  control.  Also  choose  from  professional  E5  Intel  server  processors  and  the  latest  generation  of 
AMD  processors.  1&1  gives  you  24/7  support.  You  will  benefit  from  a  high  level  of  innovation  with  Over  1,300  internal 
product  developers. 


EXCLUSIVE  TO  1&1: 

Optional  SUSE  Linux  Enterprise  Server 

PARALLELS  PLESK®  PANEL  11 

for  unlimited  domains 

\/  MOBILE  SERVER  MONITORING 
>/  UNLIMITED  TRAFFIC  I 

ncluded  with  no  extra  cost 


DOMAINS  E-MAIL  WEB  HOSTING  eCOMMERCE  SERVERS 


1 1  Parallels 

Plesk  Panel 


1&1 


Call  1  (877)  461-2631  or  buy  online 


www.1and1.com 


I  STORAGE 


glass'’  producT  that  can  auioniatk'a)l>  provision,  resi/c.  back  up 
and  rectAvr  storage  aerms  nuiitiple  publk  and  pri\alo  clouds, 
across  ssstems  troin  dilk.*rentu'ndorsand  for  virtual  inachiiu's 
running  liyptTvisors  from  multiple  vvn<k»rs.  M»»st  orcbestraiion 
loOLs  support  only  a  single  priKluci  liiK\  are  optimized  lor  cc*rtain 
functions  or  don't  sup|virt  the  public,  nuiltitenaiit  objec  t-based 
storage  services  that  prtn  ide  the  lowest  cost  ami  most  flevibilitv. 

It's  even  iiKire  rare  t<i  Kml  on  hc'stration  i(H>is  that  can  manage 
both  virtiul  machines  and  storage.  Creating  true  global  orches¬ 
tration  is  an  e\pc*nsive.  complev  task  usiully  tackled  i«d\  b>  the 
largest  enterprises  w  service  providers  that  can  spread  the  invest¬ 
ment  across  multiple  customeis'(scv  story  below). 

Todav.  storage  management  Is  very  fragmented,  and  tilings 

storage  analyst  Andreev  Reicliinan.  "For  iIk*  most  part.  jtools| 


an  agga'gatioti  platfinm  [that|  can  intc'grate  with  tin*  nj 
ment  tools"  from  infrasti  ucture  providers  such  as  VMware  or 
Amazon,  or  existing  manageim’nt  vendors  such  as  BMC  or  CA,  says 
kalyan  kuinar.  assoc  kite  v  ice  president  and  head  of  cloud  at  HCL. 
CusloiiK^’^s  can  rc*qucM  cijmpute  and  storage  sc*i vices  tImHigh  it.  bin 
tiiev  nucst  kig  m  to  cxkIi  platform’s  nuinageinenf  ctnisole  to  [JCTtorni 

In  the  absence  of  universal  orchestratiJin.  c  usioriuTs  are  using 
t<Kils  that  support  their  hardware  and  software  to  solve  problems  in 
arc'as  sikIi  as  apptkaiion  availability,  disaster  rcroverv  and  c^ualitv 
of  servko.  These  products  fall  int<»  sc'veral  l>road  c.ilegories. 

storage  ‘Hypervisors’ 

A  grow  ing  numtier  of  vemlors  are  otjering  "storage  }jyjK*rvisors" 
that  virtualize  the  storage  and.  in  some  cases,  their  associated 

file  scTvers  tt)  create  scalable.  Ilexihle  pools  ot 
storage.  This  virtualization  layer  often  runs 
on  standard  x86  servers  and  is  i>pTiniized  f*»r 
specific  functions,  storage  protocols  or  appli¬ 
cations.  OiK’  exanipk*  is  DaiaCore  Softwares 
SANsyinphony-\'  which  links  to  VMvvare's 
vCenter  to  autornalkally  discover  VMware 

.A  systems  adminisirat<H‘  can  then  as.sociaie  a 
given  class  of  storage  with  various  sc'rvers.  and 
SANs)  mj)lion\  auiomalicalK  prxAisionsii. 

Hosting  and  integration  services  firm 
Amnet  lechnology  Solutions  has  bc*en  using 
SANsymphony  for  close’  to  three  years,  and 
technologist  Rich  Conway  says  iIr* 
pnKluc t  has  prov  ided  "absolutely  phenom¬ 
ena!"  rcKluridancv.  "The  entire  storage 
infrastructure  was  essentially  mirrorc’d, 
wIktc  both  sides  are  aclive/active,  and  if  aiiv 
»»f  either  side  falls  for  any  reason. 

'  grid  stays  up  and  our  custcmiers 
avs.  SANsymphony 

has  also  enabled  .Amnet  to  eliminate  planned 
dow  mime  for  routine  maitneiiance  such  as 
firmware  upgrades,  viys  Conwa>’. 

Later  this  year.  IBM  plans  to  release  IBM 
SmariCltiiid  Virtual  Storage  Center,  an 
ippliance-bdsetl  virtualization  lawr  that  w  ill  provide  services 
aich  as  backup,  load  balancing  and  snapshots  across  applica- 
md  pn  A  ision  the  right  storage  lor  each  class  ol  service. 
s.i\  s  Sieve  Wojtovvec/.  v  ice  president  of  Tivoli  storage  softw  are 
development  at  IBM. 

Combining  IBM’s  SAN  Volume  Controller  storage  virtualiza¬ 
tion  platform  with  its  Tivoli  Storage  PrcKluctivity  Center  man¬ 
agement  software  and  the  Tivoli  Storage  FlashC'opy  Manager, 
the  SmartCloud  Virtual  Storage  Center  w  ill  prov  ide  consistent 
{lerlormance  on  multiple  vendors'  storage  arravs  in  data  centers 
withiiMOo  kilometers  of  each  other,  say 
dfH'sn'i  I  urrently  support  bliKk  storage,  be  adds, 

Zadara  Storage  runs  its  stfirage  virtuaii/alion  layer  «i 

dmaled  cloud  facilities,  turning 
(iirtn-attachc’d  disk  drives  into  virtual  SAN  arrays.  Noam 
•Shendar,  vice  presidcml  of  business  dev  elopment,  says  this  give 
I  hose  drives  the  performance,  reliability  and  security  of  more  t 
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Powered  by  the  Intel*  Xeon®  processor,  -Cisco  Unified  Computing 
System'”  is  the  server  that  moves  yesterday’s  data  center  into 
tomorrow’s  productivity  center. 


Learn  more  at  cisco.com/servers. 


SPOTLIGHT  I  STORAGE 


pensive  SANs,  and  provides  capabilities  such  as  clustering  usinf 
^miliar  SAN  management  tools. 

Other  vendors  use  a  global  file  system  to  separate  the  details 
of  where  and  how  VMs  or  data  are  stored  from  the  higher-level 
management  objectives,  such  as  meeting  the  terms  of  various 
service-level  agreements  (SLA). 

Among  the  vendors  coming  the  closest  to  offering  combined 
server/storage  management  with  this  approach  is  Tintri,  whose 
“VM-aware”  storage  appliances  are  designed  to  replace  tradi¬ 
tional  storage  units  such  as  volumes.  LUNs  and  files  with  virtua 
disks.  Tintri’s  VMstore  file  system  monitors  and  controls  I/O 
performance  for  each  virtual  disk,  communicating  with  the 


and  how  they  are  using  storage.  It  then  aui 
best  combination  of  storage  for  each  virtui 
fast  but  expensive  solid-state  drives  and 
slower  but  less  costly  disks. 

Meanwhile,  open-source  vendor  Red 
Hat  claims  that  its  Red  Hat  Storage 
Server,  based  on  its  ClusterFS  file 
system,  provides  better  scalability  than 
rivals  because  it  doesn’t  rely  on  a  meta¬ 
data  server,  more  effectively  distributes 
data  and  uses  parallelism  to  maximize 

and  server  management,  along  with  its 
own  storage  and  performance  manage¬ 
ment  software,  in  a  physical  package  that 
includes  three  to  four  x86  server  nodes. 
Cisco  takes  a  similar  approach  to  com¬ 
bining  computing,  storage  and  network¬ 
ing  with  its  FlexFOd  products. 


products  or  certain  parts  of  the  cloud. 

CA  Server  Automation  and  CA  Automation  Suite  for  Clouds 
integrates  with  NetApp’s  OnCommand  storage  management  soft¬ 
ware  to  provision  NetApp  storage  for  various  classes  of  servers. 

Caringo’s  CloudScaler  virtualization  layer  provides  automated, 
policy-based  management  —  but  only  of  storage,  not  virtual 
machirtes.  Like  many  other  orchestration  platforms,  it  doesn’t  rair- 
rently  support  the  block-based  storage  used  in  low-cost,  multitenant 
public  storage  clouds  such  as  Amazon  S3,  but  Caringo  is  working  to 
offer  that  in  the  future. 

Storage  Automator,  a  storage  service  catalog  and  policy  engine 
from  iWave,  currently  supports  only  selected  EMC  and  NetApp 
arrays,  although  broader  support  is  due 


Mr  the  mMt  part, 


expensive,  complex 
to  use  and  have  mixed 
results 


Bridging  Differences 

One  approach  to  cross-cloud  storage 


says  Reichman.  With  VMware  vSphere 
5.0,  for  example,  it  introduced  storage 
profiles  that  let  users  map  the  capa¬ 
bilities  of  a  storage  system  to  a  storage 
profile,  helping  to  ensure  each  virtual 
machine  uses  the  appropriate  data  store. 

This  summer,  VMware  acquired 
DynamicOps,  whose  architecture 
will  allow  vSphere  and  infrastructure 
administrators  to  model  infrastructure 
services.  This  will  enable  the  policy, 
governance  and  self-service  manage¬ 
ment  capabilities  iti  vSphere  to  be  ex- 


22 


Earn  your  degree 
and  IT  certs 
the  same  time! 


Online! 


Earn  up  to  18  respected  industry  certifications  with  your 


online  IT  degree — at  no  additional  cost. 


Relevant  Degrees  AND  Certifications — Accredited  bachelor's  and  master's  degree  progrartls  in 
Networking,  Security,  Software,  and  IT  Management  that  incorporate  up  to  18  certifications  without 
adding  classes  or  costs. 

Opportunity  to  Advance  Quickly— A  competency-based  approach  to  education  that  lets  you 
leverage  prior  experience  and  your  IT  certifications  to  complete  your  degree  faster. 

Flexible  Online  Learning— Log  in  and  learn  anytime,  anywhere  you  can  find  the  time. 

Programs  begin  the  first  of  every  month.  A  smarter  way  to  reach  your  future  can  start  right  now! 


Learn  more: 

Call  Toll-Free  1-866-225-5948  or  go  to  www.wgu.edu/compworid 

Western  Governors  University 

ONtINE.  ACCtLCRATED.  AF-FOROABLE.  ACCREDITED. 


Yesterday’s  storage  architectures 
weren’t  designed  to  handle  the 
big  data  of  today. 
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Your  data  storage  requirements  are 
always  growing.  You  need  a  storage 
solution  that  is  truly  limitless. 


Fortunately  Cleversafe  anticipated  the  need  for  a  limitless 
system  and  has  developed  the  largest  scalable  system  in  the 

<,  world  —  starting  at  1  petabyte  and  growing  to  10  exabytes  and 

•  dOV6rSClf6‘  beyond  -  in  a  single  system.  Cleversafe  is  cost  effective,  secu 
•  reliable.  Prepare  for  the  future  with  Cleversafe  now. 

Visit  www.cleversate.com  to  find  out  why  some 
biggest  storage  users  are  choosing  Cleversafe. 


I  of  the  world’s 


tures,  w4iich  can  brii^  a  lot  more  CPU,  memory  and  networking  to 
the  storage  level.  Traditional  storage  architectures,  with  their  fixed 
amounts  of  CPU,  memory  and  networking,  weren’t  designed  to 
host  applications  nativdy  on  storage  systems.  Today,  the  emerg¬ 
ing  scale-out  architecture  lets  users  add  many  stora^  systems  to 
an  existing  infrastructure  and  scale  up  not  just  capacity,  but  also 
performance,  CPU.  memory  and  networking  equally. 

Advances  in  processing  power  have  also  prompted  the  move 
to  storage  computing.  With  i6-core  processors,  f^  instance, 
systems  have  “incredible  amounts  of  computing  power.  Utiliz¬ 
ing  some  of  that  power  for  things  other  than  straight  application 
processing  is  coming.”  Csaplar  says. 

Server  virtualizatkm  has  also  pushed  traditional 
stoi^e  systems  to  the  tip^ng  point,  with  some¬ 
times  20  m  30  servers  virtualized  onto  one  server. 

“So  now  storage  administrators  are  foced  with  a  tre¬ 
mendous  load  comii^  into  one  storage  system,”  says 
Hu  Yoshida,  CTO  at  Hitachi  Data  Systems.  “That 
has  increased  the  demand  for  I/O  processir^” 

staking  Their  Positions 

Storage  giant  EMC  is  working  on  next-generation 
scale-out  capabilities  at  the  storage  level,  but  the 
vendor  doesn’t  have  a  new  product  to  announce  yet. 

“It’s  certainly  an  area  of  interest,’’  says  Sam  Grocott, 
vice  president  of  marketing.  “From  an  industry 
standpoint,  I  think  everybody  is  looking  at  that.  We 
have  CPU  cycles  and  cores  and  a  lot  more  memory 
that  is  available  for  not  just  storage  tasks  today,  but 
now  for  application  use  cases  as  well.” 

Hitachi  Data  Systems  has  been  steadily  moving 
toward  powerful  storage  computing  since  2000, 

Yoshida  says.  Today,  its  Virtual  Storage  Platform 
can  move  data  to  high-performance  storage  when 
an  application  needs  it  and  move  it  to  lower<lass 
storage  when  performance  is  no  longer  required. 

“It’s  not  just  a  storage  computer  —  it’s  a  hybrid 
multiprocessor,”  Yoshida  says.  “We  also  do  that  in  our  high- 
performance  NAS  product.” 

The  next  step  will  be  “unification,”  he  adds.  “In  our  midrange 
product,  we’ve  added  an  optic  file  system  [so]  users  can  do  file 
as  well  as  block  processing.  Out  file  system  is  built  around  an 
object  architecture,  so  I  can  do  a  query  against  the  metadata  and 
find  things  quickly.  This  is  hovfr  we  combine  hardware  and  CPUs 
running  software  to  speed  up  the  process.”  Hitachi  included  that 
file  system  in  its  Unified  Storage  System  in  April. 


Intricate  Challenges 

High-performance  storage  computing  requires  expertise  in 
servers,  storage  and  applications.  Many  vendors  will  have  to  forge 
partnerships  to  be  successful. 

“Those  three  pieces  are  key  to  [makii^]  this  a  scalable  model." 
Grocott  says.  “The  storage  [vendors  are]  going  to  have  to  have 
strongpartnerships  with  the  application  players,  because  they 
need  to  become  aware  that  [applications]  live  on  storage  and  are 
not  going  through  traditional  networks.  But  also  you  create  that 
scalable  infrastructure  via  hypervisors  —  whether  with  Micro¬ 
soft,  VMware  or  someone  else  —  to  house  these  multiple  applica¬ 
tions  within  the  storage  infrastructure." 


MATCH 


He  does  acknowledge  that  creating  scalable  infrastructure  via 
hypervisors  could  add  a  layer  of  complexity  and  expense. 

“It’s  a  constant  trade-off”  when  it  comes  to  choosing  among 
high  performaivce.  easy  scalability  and  lower  costs,  Grocott  says. 
“I  think  that’s  the  piece  that  needs  to  evolve  the  most  —  making 
sure  the  application  [vendors]  are  aware  of  this  new  storage  en¬ 
vironment  and  we  partner  together  to  figure  out  what’s  the  right 
model,  both  from  an  integration  and  economic  standpoint." 

Right  now,  storage  computing  appliances  are  beii^  marketed  to 
midsize  companies.  “It’s  simpliffoation  for  the  midsize  enterprises 


before  somebody  hits  the  ball  out  of  the  park.” 
Collett  is  a  Computerworld  contributing  writer 
You  con  contact  heratslcolleit@comcasi.nei. 
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PtTez’s  team  began  b)  using  anaU  tic  models  to  predict  which 


dien  list'd  that  information  to  adjust  prices  to  maximize  atten¬ 
dance  —  and  profits.  "This  jpastj  season  we  had  the  largest  ticket 
revenue  in  the  history  of  our  frdnchi.se.  and  we  played  only  34 
games  of  the  45-gamc  season  due  to  the  liK’kout.”  he  says. 

Ask  how  the  iiKjdels  arc  used  to  predict  tin?  best  player  malchuf>s 
and  game  strategies;  howvvvr.  and  PcR’z-is  less  hirtfKxmiing. 


“That's  the  black  box  nobody  talks  about.  ’  he  says. 

Although  it's  still  fairly  eariy  going.  <«hcr  organizatUHis  are 
beginning  to  embrace  predictive  analytics,  the  forward-kK)ktng 
data-mining  discipline  that  cxunblnes  algorithmic  models  with 

lomer  will  be  to  renew  a  season  I  ickct.  The  mxxfels  assign  pnU>- 
abilities  to  each  person.  Armed  with  that  data,  the  business  can 
prepare  to  t.ike  action.  Additional  analysis  can  tlKm  be  applied  to 
predict  how’  successful  different  courses  of  action  will  be. 

The  use  of  predictive  analytics  is  common  in  industries  such 
as  telecommunications,  financial  services  and  retail,  says  Gareth 
Herscbel,  an  analyst  at  Gartner.  “But  overall,  it’s  still  a  relatively 
small  percentage  of  organizations  that  use  it  —  ma>'be  5%." 

Nonetheless,  interest  is  high  in  organizatirms  that  are  still 
focused  on  historical  “descriptive  analytics”  and  in  businesses 
that  are  expanding  the  focus  of  established  predictive  analytic's 
praciices  be^xmd  traditional  nicbe.s  such  as  marketing  and  risk 
management.  Analytics  models  arc  being  used  to  predict  website 
click-thriHigh  rales  and  hcHp  HR  anticipate  wliich  emj^oyees  are 
likely  to  leave  the  company.  Tht*y  ’re  also  used  to  i^mize  lH*lp  desk 
cal!  routing,  by  determining  which 
agent  is  likely  to  do  the  best  job  of 
answering  a  given  user  question. 

“There's  nwre  interest  becau.se 
tlRTe's  more  data."  says  Dean 


Abbott  Analytics.  “The  buzz  is  about 
momentum.  People  are  sayir^,  ‘This 
is  something  I  need  to  do.'  ' 

But  you  have  to  walk  before  you 
can  run,  and  with  Its  daia-heavT 
demands,  predictive  analytics  isn't  looki llff  Alld 

sonK?thing  to  take  up  liglitly  or  ®  . 

haphazardly.  We  asked  businesst‘s 
that  arc  new  to  tlie  game,  as  wx?ll 
as  seasoned  veterans,  to  share  their 
experiences. 


We're  using 
advanced 
analytics  to  be 
moreforward- 


to  manage  by 
exception. 

PROCTER  SGAMBif 


Making  the  Business  Case 

Consumer  products  company 
PnKter  &  Gamble  makes  extensive 
use  of  analytics  to  project  future 
trends,  but  it  wasn't  always  that 
way.  says  Guy  Peri,  director  of  busi¬ 
ness  intelligence  for  P&G's  Global 
Business  Scrvic-esoiganizarion. 

"This  used  to  be  a  RMrview-minxir- 
kioking  company, "  he  says.  “Now 
vvc’r'  using  advanced  analytic's  to 

manage  by  exception.”  Than  means  separating  out  ilk*  aiKMualies 
to  identify  and  projett  genuine  trends. 

P&G  uses  predictive  analytics  for  every  thing  from  proiecting 

manufacturing  c'quipmeiU  will  fail,  and  it  uses  visualization  to 
help  executives  see  which  events  arc  normal  business  variations 
and  which  require  intervention. 

The  place  to  start  is  w  ith  a  clear  untlerstanding  of  the  business 
pro|k)sition.  and  that  s  a  collaborative  process.  “Be  clear  imi  whai 
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It’s  also  imponant  to  keep  the  scope  focused.  Mission  creep 
can  destroy  your  credibility  in  a  hurry.  Peri  says.  Early  on,  P&G 
developed  a  model  to  project  future  market  shares  for  regional 
business  leaders  in  a  line  of  business  he  declined  to  identify.  It 
was  successful  until  the  company  tried  to  use  the  same  model  to 
help  other  business  leaders. 

The  other  leaders  required  a  more  granular  level  of  detail,  but 
Peri's  group  tried  to  make  do  with  the  same  model.  “The  model 
became  unreliable,  and  that  undermined  the  credibility  of  the 
or^nal  analysis,"  which  had  been  spot-on,  he  says. 

New  users  need  to  take  several  steps  to  get  suited  with  predic¬ 
tive  analytics,  says  Peri.  They  should  hire  a  trained  analyst  who 
knows  how  to  develop  a  model  and  apply  it  to  a  business  problem, 
find  the  right  data  to  feed  the  models,  win  the  support  of  both  a 
business  decision-maker  and  an  executive  sponsor  in  the  business 


contracts  and  related  contracts  that  were  at  risk.  “That’s  when 
people  started  to  notice  that  we  really  had  something  that  could 
help  them,”  says  Jones. 

Jones’  advice:  Get  close  to  your  customer,  get  professional  help 
building  your  first  model,  and  present  the  results  in  a  compelling, 
easy-to-understand  way.  “We  didn’t  have  the  right  people  or  exper¬ 
tise  to  begin  with.  We  didn’t  know  what  we  didn’t  know,”  he  says, 
so  he  turned  to  an  outside  data-mining  expert  to  help  with  the 
models.  “That  relationship  helped  us  undersUnd  why  we  failed 
and  kept  us  from  making  the  same  misukes  again,”  Jones  says. 

Overcoming  Business  Skepticism 

while  hiring  a  consulUnt  can  help  with  some  of  the  technical 
details,  that’s  only  part  of  the  challenge,  says  John  Elder,  a  princi¬ 
pal  at  Elder  Research,  a  consuluncy  that  worked  with  Jones  and 


"propensity  to  buy”  models  that  were  designed  to  help  calculate 
the  probability  that  customers  would  buy  this  quarter,  next 
quarter  or  never.  The  models  cover  every  product  in  every  sales 
territory.  The  salespeople  felt  they  already  knew  what  some  of 
the  people  identifi^  by  the  model  were  going  to  buy.  so  Cisco  ex¬ 
cluded  those  sales  when  calculatii^  the  return  on  its  effort.  “The 
first  year  we  did  it,  we  generated  $i  billion  in  sales  uplift.”  says 
Theresa  Kushner,  Qsco's  senior  director  of  customer  and  influ- 
encer  intelligence.  “We  had  an  experience  to  line  up  against  what 
they  thought  they  believed.” 

Ultimately,  predictive  ana¬ 
lytics  is  forcing  a  showdown 
between  data-driven  and 
intuition-based  decision¬ 
making,  says  Eric  Siegel,  pres¬ 
ident  of  Prediction  Impact,  an 
analytics  training  firm  and 
conference  organizer.  “That’s 
the  big  ideological  battle.  It’s  a 
religious  debate.” 

Data:  Getting  to 
Good  Enough 

On  the  technology  side, 
both  building  the  model  an 
preparing  the  data  can  be 
stumbling  blocks.  Predictive 
analytics  is  an  art  as  well  as 
a  scierKe,  and  it  takes  time 
and  effort  to  build  that  first 
model  and  get  the  data  right, 
says  Abbott.  “But  once  you 
build  the  first  one.  the  next 
one  is  much  less  expensive  to 
model"  —  assuming  you’re 
using  the  same  data.  Analysts 
building  an  entirely  different 
model  with  new  data  might 
find  the  second  project  just 
as  time-consuming  as  the 
first.  Nonetheless,  he  says, 

gains,  the  faster  the  process 
becomes.” 

Data  preparation  issues  can 
quickly  derail  a  project,  says 
Siegel.  “Software  vendors  skip 
that  point,”  he  says,  noting 
that  “all  of  the  data  in  a  demo 
has  already  been  put  into  the  correct  format.  They  don’t  get  into 
it  because  h's  the  biggest  obstacle  on  the  technical  side  of  project 
execution  —  and  it  can’t  be  automated.  It’s  a  programming  job.” 

When  Perez  started  the  Orlamlo  Magic’s  pr^ictive  analyt¬ 
ics  initiative  in  zoio,  he  miscalculated  the  time  it  would  take  to 
prepare  the  data.  “All  of  us  were  thinking  that  it  would  he  easier 
than  it  was,”  he  says.  Pulling  data  from  Ticketmaster,  concession 
vernlors  and  other  business  partners  into  a  data  warehouse  took 
much  tonger  than  anticipated.  “We  went  almost  the  entire  season 
without  a  fully  functional  data  warehouse.  The  biggest  thing  we 


learned  was  that  this  really  requites  patience,"  he  says. 

"Everyone  is  embarrassed  alxiut  the  quality  of  their  data,”  says 
Elder,  but  waiting  until  all  of  the  data  is  clearred  up  is  also  a  mistake. 
Usually,  he  says,  the  data  that  really  matters  is  in  pretty  good  shape. 

Iterate  First,  Scale  Later 

At  Intuit,  every  project  starts  small  and  goes  through  cycles  of 
improvement.  "’That’s  our  proce»:  iterative  and  driven  by  small 
scale  before  going  big,”  says  George  Roumeliotis,  data  science 
team  leader.  The  financial 
services  company  started 
using  predictive  analytics 
to  optimize  its  market¬ 
ing  and  upsell  efforts,  and 
now  focuses  on  optimizing 
customers’  experiences  with 

Intuit  developed  pre¬ 
dictive  task  algorithms  to  an¬ 
ticipate  how  users  will  cate¬ 
gorize  financial  transactions 
in  products  such  as  Mint  and 
QuickBooks.  Based  on  the 
results  of  those  algorithms. 
Intuit  applications  make 
suggestions  as  users  enter 
new  transactions.  ’They  also 
anticipate  questions  users 
might  have  and  proactively 
provide  content  and  advice 
that  could  help  them. 

“Start  with  a  clearly 
articulated  business  outcome, 
fextnulate  a  hypothesis  about 
how  the  process  will  contrib¬ 
ute  to  that  outcome,  and  then 
create  an  experimenC  says 
Roumeliotis.  ’Through  A/B 
testing,  analysts  can  gain  the 
confidence  of  business  leaders 
by  creating  parallel  business 
processes  and  demonstrating 
a  measurable  improvemem  in 


choosing  an  existirig  business 
process  that  can  be  optimized 
with  minimal  risk  to  the  busi- 
oess,  he  advises.  Customer 
support,  retention  and  user  experience  ate  great  places  to  get  started. 

While  predictive  analytics  projects  can  require  a  substantial 
investment  up  front,  studies  indicate  that  they  can  deliver  posi¬ 
tive  returns  on  investment,  as  Cisco’s  experience  shows.  Ulti¬ 
mately,  even  small-scale  projects  can  have  an  enormous  impact 
on  the  bottom  line.  “Predictive  analytics  is  about  projecting 
forward  and  transforming  the  company,"  says  Peri. 

The  risks  ate  high,  but  so  are  the  rewards,  says  Robinson. 

“Take  it  to  the  end,"  she  says.  “Be  successfuL  And  act  on  what 


Security  question  #17 

Can  your  Next-Gen  Firewall 
pass  the  ultimate  security 
and  performance  test?  How 
about  excelling  in  three? 
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I  Hired  a  Hacker 


AVERV  important  piece  of  my 
budget  is  the  quarterly  allot 
mem  for  security  assessments. 
I  usually  focus  on  physical 
penetration  testily  of  our 
major  facilities  or  assessments  of  critical 
applications  or  our  own  products.  This 
quarter,  though,  1  decided  to  hire  a  hacker. 

While  I'd  like  to  think  that  we  have 
a  somewhat  hardened  shell,  I  know 


security  incident  and  event  management 
systems  were  protecting  us. 

Other  than  a  list  of  critical  applica¬ 
tions  that  1  wanted  assessed,  1  gave  no 
detailed  information  to  the  consultants. 

I  wanted  them  to  hack  us  the  same  way 
a  determined  individual  or  organization 
would  do  it. 

When  the  report  came  hack  two 
weeks  later,  one  major  finding  was  the 


of  out  application  servers.  The  password 
was  cracked  in  si*  seconds. 

That  password  was  then  used  to  access 
Microsoft  Outlook  Web  Access,  and  the 
hacker/consultant  was  able  to  log  in  with 
the  application  service  account.  Service 
accounts  should,  as  a  matter  of  practice, 
never  have  email  associated  with  them. 

In  any  event,  the  consultant  was 
able  to  enumerate  our  entire  corporate 
directory  and  then  choose  the  name  of 
an  employee  who  worked  in  the  mail- 
room.  He  pulled  as  much  information 
about  that  person  as  he  could  from  the 
Internet,  including  home  address,  phone 
number  and  personal  email  address. 
Posing  as  the  mailroom  employee,  the 
consultant  called  our  help  desk  (he  found 


dependent  assessment  from  a  third  party. 
I  imposed  only  one  constraint  on  the 
consuhant  we  hired:  no  denial-of-service 
attacks.  With  an  outside  firm,  I  could 
also  test  my  security  team's  effective¬ 
ness  at  detecting  suspicious  activity,  so  I 
kept  the  engagement  stealthy;  only  a  few 
trusted  individuals  in  the  IT  department 
knew  about  it  Another  benefit  of  this  ap¬ 
proach  is  that  we  would  get  a  better  idea 
of  how  well  our  data  leak  prevention  and 


used  by  a  hacker  to,  among  other  things, 
map  out  our  internal  network  and  then 
focus  on  some  juicy  targets. 

Another  problem  uncovered  was  the 
potential  for  unauthorized  access  of 
our  infrastructure  through  a  series  of 
vulnerabilities.  One  consultant  discov¬ 
ered  a  SQL  injection  vulnerability  on  an 
Internet-facing  application  and  was  able 
to  issue  a  SQL  query  to  obtain  the  pass¬ 
word  hash  for  a  system  account  on  one 


To  discover  where  your  vulnerabilities  lie,  you  can 
run  an  internal  assessment  or  hire  a  hacker. 


corporate  applications. 

As  you  can  imagine,  I  have  my  work 
cut  out  for  me.  We  need  to  establish 
new  help  desk  procedures  for  validating 
employees,  reconfigure  a  DNS  server, 
plug  SQL  injection  holes,  incorporate 
two-factor  authentication  for  Microsoft 
Outlook  Web  Access  and  review  service 
accounts.  Lastly,  I  need  to  figure  out  why 
my  security  team  rlidn't  detect  any  of  the 
consultant/hacker’s  activity.  ♦ 

This  week  s  journal  is  written  by  a  real 
security  manager.  “Hatbias  Thurman,” 
whose  name  and  employer  have  been 
disguised  /or  obvious  reasons.  Contact  him 
at  mathias_thurman@yahoo.com. 
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IT  Must  Use  Metrics  to 
Move  Out  of  the  Shadows 


IT  must  be 
as  wing  to 
accept  blame 
when  at 
fault  as  It  is 
to  welcome 
praise  when 
successful. 


ERE’S  A  PROBLEM  FOR  IT  LEADERS:  Many  users  feel  that  IT 
is  a  black  hole  that  things  go  into  but  never  come  out  of.  It  doesn’t 
help  that  many  IT  departments  like  it  that  way  and  believe 
the  less  scrutiny,  the  better. 


Former  Ace 
Hardware  CIO  Paul 

H.  infevaMson  Is 


That's  a  dangerous  attitude.  If  IT  wants  to  be  a 
great  enigma,  then  it  must  accept  the  consequenc¬ 
es:  lack  of  respect,  mistrust  of  intent  and  difficulty 
in  entering  into  the  mainstream  of  the  company. 

If  none  of  that  sounds  good,  then  IT  must  open 
itself  up  and  be  accountable  for  its  actions.  It  must 
be  as  willing  to  accept  blame  when  at  fault  as  it  is 
to  welcome  praise  when  successful.  In  short,  IT 
must  start  acting  like  every  other  department. 

The  best  way  to  eliminate  the  veil  of  secrecy 
that  has  fallen  over  most  IT  activities  is  to  develop 
a  reporting  methodology  that  communicates  the 
status  of  projects  to  everyone  in  the  corporation. 
When  I  was  a  CIO,  we  published  a  monthly  report 
listing  projects:  approved,  completed,  in  process 
and  yet  to  be  started.  We  included  the  original 
cost  estimate,  an  estimated  completion  date  and 
any  changes  that  caused  the  initial  estimates  to 
be  adjusted.  We  explained  whether  the  variations 

commodations  of  new  requests  by  the  users  (scope 
creep)  or  new  findings  during  development. 

We  published  this  report  on  the  corporate 
intranet  lot  everyone  to  see,  highli^ting  all  the 
major  changes  in  yellow  so  no  one  could  miss  them. 
In  turn,  those  major  changes  were  discussed  in 


their  status.  No  one  could  ever  say  they  were 
blindsided  by  delays  in  project  completion. 

Our  intranet  reports  set  the  agenda  for 
meetings  of  the  IT  steering  committee,  which 
discussed  project  progress,  significant  cost  issues 
raised  by  new  projects  and  any  other  IT  issues 
that  rose  to  the  level  of  the  officers'  concerns.  The 
committee  might  modify  a  project's  priority  to 
accommodate  a  change  in  the  business,  govern¬ 
ment  requirements  or  legal  issues.  All  of  this  kept 
the  officers  engaged  in  the  IT  agenda  and  partly 
responsible  for  its  actions  —  as  they  should  be, 
since  users  ultimately  own  IT  projects. 

Growing  Up 

Metrics  ate  an  impoitant  step  in  the  maturation 
of  any  IT  department.  Knowledgeable  executives 
always  know  the  numbers  that  are  critical  for  the 
company;  numbers  are  the  language  of  business. 
Alone  in  this  world  of  business,  many  IT  execu¬ 
tives  speak  in  generalities  about  their  department 
and  neglect  to  document  the  critical  numbers  that 
should  point  out  the  IT  department's  successes. 
How  can  they  not  know  the  average  response  time 
for  critical  online  systems  or  the  mean  time  to 
resolve  online  problems  for  users? 
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Influence  101 


We  in  IT  have 
a  very  limited 
understand¬ 
ing  of  what 
influence  IS. 


Paul  Uen,  CEO  of 

Leading  Geeks,  is 
devoted  to  clarifying 
the  murky  world  of 
human  emotion  for 
people  who  gravitate 
toward  concrete 
thinking  His  newest 
book  is  8  Steps  to 
Restoring  Client  Trust 
A  Professional's  Guide 
10  Managing  Client 
Conflict.  You  can 
contact  him  at  into@ 
leadinggeeks.com. 


Nobody  believes  that  “CIO”  stands  for  “chief  influence  officer.” 
CIOs  themselves  know  better,  though  they’d  hke  to  contribute 
to  decision-making.  I  recently  facilitated  a  conversation  cimong  a 
group  of  CIOs  vtdio  collectively  seemed  both  mystified  and  hurt 


by  their  own  lack  of  influence  within  their  organi¬ 
zations.  “I  give  them  what  they  want,  but  when  it 
comes  to  the  big  decisions,  I  don’t  get  a  seat  at  the 

seek  out  the  CIO’s  perspective  when  deliberating 
on  decisions,  they  could  reduce  costs,  become 
more  competitive  and  avoid  costly  mistakes. 

So  we  discussed  how  to  become  mote  influen¬ 
tial.  The  general  view  was  that  CIOs  have  to  better 
publicize  the  IT  department’s  successes  and  work 
harder  to  build  relationships  with  business  execu¬ 
tives.  There’s  nothing  wrong  with  these  measures, 
except  that  they  aren’t  nearly  enou^.  We  in  IT 
have  a  limited  understanding  of  what  influence  is. 

In  its  purest  form,  influence  is  about  one’s 
ability  to  a&ct  the  opinions,  emotions  or  behavior 
of  others.  But  it  isn’t  enough  to  influence  the 
decisions  that  are  made.  To  affect  the  agenda  and 
direction  of  the  organization,  you  need  to  influ¬ 
ence  which  questions  ate  considered. 

To  a  large  degree,  IT  isn’t  influential  because 
we  conflate  influence  with  input.  We  believe  that 
decision-makers  should  consult  us  because  of  the 
inherent  value  of  our  knowledge.  We  are  confused 
when  this  doesn’t  happen,  not  realizing  that  ex¬ 
ecutives  rarely  seek  to  be  influenced;  they  expect 
to  be  lobbied.  While  we  wait  passively  to  share 
information,  others  ate  driving  the  agenda. 

And  even  vdien  we  are  consulted,  our  input 
can  fail  to  persuade  because  we  misa{^iehend 
how  decisions  are  made.  We  believe  that  decisions 
should  be  based  on  a  purely  analytical  process. 

We  pie  facts  in  the  middle  of  the  table.  Weigh  the 
focts  and  decisions  should  be  obvious,  based  on 


an  objectively  verifiable  good.  But  decisions  don’t 
happen  in  the  middle  of  the  table.  Human  deci¬ 
sion-making  is  a  fundamentally  interior  process 
blending  emotions,  intuition  and  information. 

As  geeks,  we  don’t  like  to  trespass  on  other  peo¬ 
ple’s  interior  experiences  and  subjective  reality. 
That’s  the  realm  of  emotions,  and  we  don’t  do 
emotions.  We  don’t  like  to  talk  about  them,  think 
about  them  or  attemp  to  make  others  feel  them. 
And  strategizing  about  how  to  make  someone  feel 
a  certain  way  seems  wrong. 

But  we  can’t  influence  our  business  partners 
without  understanding  their  interior  experience. 
Geeks  have  become  reasonably  good  at  under¬ 
standing  business  processes,  but  we  rarely  con¬ 
sider  the  human  experience  of  inhabiting  those 
processes.  Without  stepping  into  other  people’s 
worldview,  we  have  no  hope  of  gaining  influence. 

To  begin  to  make  IT  influential,  we  must  take 
these  two  steps; 

1.  Overcome  our  resistance  to  the  emotional 
nature  of  decision-making  and  agenda-setting.  We 
must  become  fluent  in  the  language  of  feelings, 
and  learn  to  both  empathize  with  and  elicit  them. 

2.  Make  influential  relationships  part  of  every¬ 
one’s  job.  Influence  takes  place  at  every  level  of 
the  organization,  from  boardroom  to  help  desk. 
Everyone  in  IT  has  an  influence  on  how  our  busi¬ 
ness  partners  experience  us  and  our  technology. 

To  give  our  organizations  the  full  value  of  our 
contributions,  our  knowledge  and  our  products, 
we  must  seek  to  become  influential,  not  wait  for 
influence  to  be  bestowed  upon  us.  Our  organi¬ 
zations  need  us  to  step  up.  Even  if  it  isn’t  oitr  ambi¬ 
tion  to  be  influential,  it  is  our  obligation.  ♦ 
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